//package com.pubinfo.passbook.shiro.filter;
//
//import com.pubinfo.passbook.shiro.token.JwtToken;
//import lombok.extern.slf4j.Slf4j;
//import org.apache.shiro.authz.UnauthorizedException;
//import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
//import org.springframework.http.HttpStatus;
//import org.springframework.web.bind.annotation.RequestMethod;
//
//import javax.servlet.ServletRequest;
//import javax.servlet.ServletResponse;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//import java.net.URLEncoder;
//
//@Slf4j
//public class MyJWTFilter extends BasicHttpAuthenticationFilter {
//  /**
//   * 如果带有 token，则对 token 进行检查，否则直接通过
//   */
//  @Override
//  protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws UnauthorizedException {
//    //判断请求的请求头是否带上 "Token"
//    if (isLoginAttempt(request, response)) {
//      //如果存在，则进入 executeLogin 方法执行登入，检查 token 是否正确
//      try {
//        executeLogin(request, response);
//        return true;
//      } catch (Exception e) {
//        //token 错误
//        responseError(response, e.getMessage());
//      }
//    }
//
//    return true;
//  }
//
//  /**
//   * 判断用户是否想要登入。
//   * 检测 header 里面是否包含 Token 字段
//   */
//  @Override
//  protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) {
//    HttpServletRequest req = (HttpServletRequest) request;
//    String token = req.getHeader("x-token");
//    return token != null;
//  }
//
//  /**
//   * 执行登陆操作
//   */
//  @Override
//  protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
//    HttpServletRequest httpServletRequest = (HttpServletRequest) request;
//    String token = httpServletRequest.getHeader("x-token");
//    JwtToken jwtToken = new JwtToken(token);
//    // 提交给realm进行登入，如果错误他会抛出异常并被捕获
//    getSubject(request, response).login(jwtToken);
//    // 如果没有抛出异常则代表登入成功，返回true
//    return true;
//  }
//
//  /**
//   * 对跨域提供支持
//   */
//  @Override
//  protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
//    HttpServletRequest httpServletRequest = (HttpServletRequest) request;
//    HttpServletResponse httpServletResponse = (HttpServletResponse) response;
//    httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
//    httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
//    httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
//    // 跨域时会首先发送一个option请求，这里我们给option请求直接返回正常状态
//    if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
//      httpServletResponse.setStatus(HttpStatus.OK.value());
//      return false;
//    }
//    return super.preHandle(request, response);
//  }
//
//  /**
//   * 将非法请求跳转到 /unauthorized/**
//   */
//  private void responseError(ServletResponse response, String message) {
//    try {
//      HttpServletResponse httpServletResponse = (HttpServletResponse) response;
//      //设置编码，否则中文字符在重定向时会变为空字符串
//      message = URLEncoder.encode(message, "UTF-8");
//      httpServletResponse.sendRedirect("/unauthorized/" + message);
//    } catch (IOException e) {
//      log.error(e.getMessage());
//    }
//  }
//}
